• Title/Summary/Keyword: Security of IoT

Search Result 927, Processing Time 0.026 seconds

System Hardening and Security Monitoring for IoT Devices to Mitigate IoT Security Vulnerabilities and Threats

  • Choi, Seul-Ki;Yang, Chung-Huang;Kwak, Jin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.2
    • /
    • pp.906-918
    • /
    • 2018
  • The advent of the Internet of Things (IoT) technology, which brings many benefits to our lives, has resulted in numerous IoT devices in many parts of our living environment. However, to adapt to the rapid changes in the IoT market, numerous IoT devices were widely deployed without implementing security by design at the time of development. As a result, malicious attackers have targeted IoT devices, and IoT devices lacking security features have been compromised by attackers, resulting in many security incidents. In particular, an attacker can take control of an IoT device, such as Mirai Botnet, that has insufficient security features. The IoT device can be used to paralyze numerous websites by performing a DDoS attack against a DNS service provider. Therefore, this study proposes a scheme to minimize security vulnerabilities and threats in IoT devices to improve the security of the IoT service environment.

An Analysis of Research Trends in IoT Security (IoT 보안에 대한 국내외 연구 동향 분석)

  • Yu, Woo Young
    • Convergence Security Journal
    • /
    • v.18 no.1
    • /
    • pp.61-67
    • /
    • 2018
  • IoT technology is currently being applied at various industrial sites and is developing as a core technology in the fourth industrial revolution. Along with IoT developments, awareness and importance of IoT security is increasing, and research on IoT security is underway to counter these threats. However, research trends in the context of IoT security awareness are insufficient. This paper is a research that analyzes the progress of R&D and IoT security in both domestic and international IoT and thus leads to improvements. The research covered the 229 papers and articles of domestic and foreign journals covering security fields as a main theme. Among them, detailed analyses of 96 papers related to IoT security were performed. Research has shown that many studies are being conducted on trends in IoT security, key management and privacy. A detailed study on the characteristics of services to apply IoT technologies and access control and authentication between IoT devices is needed, and a study that addressed the issues of privacy in IoT environments in Korea.

  • PDF

IoT-based Application of Information Security Triad

  • Mana Saleh Al Reshan
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.9
    • /
    • pp.85-92
    • /
    • 2024
  • Information Security is the foremost concern for IoT (Internet of things) devices and applications. Since the advent of IoT, its applications and devices have experienced an exponential increase in numerous applications which are utilized. Nowadays we people are becoming smart because we started using smart devices like a smartwatch, smart TV, smart home appliances. These devices are part of the IoT devices. The IoT device differs widely in capacity storage, size, computational power, and supply of energy. With the rapid increase of IoT devices in different IoT fields, information security, and privacy are not addressed well. Most IoT devices having constraints in computational and operational capabilities are a threat to security and privacy, also prone to cyber-attacks. This study presents a CIA triad-based information security implementation for the four-layer architecture of the IoT devices. An overview of layer-wise threats to the IoT devices and finally suggest CIA triad-based security techniques for securing the IoT devices..Make sure that the abstract is written as one paragraph.

Analysis of Security Vulnerabilities for IoT Devices

  • Kim, Hee-Hyun;Yoo, Jinho
    • Journal of Information Processing Systems
    • /
    • v.18 no.4
    • /
    • pp.489-499
    • /
    • 2022
  • Recently, the number of Internet of Things (IoT) devices has been increasing exponentially. These IoT devices are directly connected to the internet to exchange information. IoT devices are becoming smaller and lighter. However, security measures are not taken in a timely manner compared to the security vulnerabilities of IoT devices. This is often the case when the security patches cannot be applied to the device because the security patches are not adequately applied or there is no patch function. Thus, security vulnerabilities continue to exist, and security incidents continue to increase. In this study, we classified and analyzed the most common security vulnerabilities for IoT devices and identify the essential vulnerabilities of IoT devices that should be considered for security when producing IoT devices. This paper will contribute to reducing the occurrence of security vulnerabilities in companies that produce IoT devices. Additionally, companies can identify vulnerabilities that frequently occur in IoT devices and take preemptive measures.

Institutional Improvements for Security of IoT Devices (IoT 기기의 보안성 확보를 위한 제도적 개선방안)

  • Lee, Donghyeok;Park, Namje
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.3
    • /
    • pp.607-615
    • /
    • 2017
  • Recently, IoT products with various functions are being developed. Through the combination of objects and information technology, convenient services that have not been imagined before are emerging. For a secure IoT environment, product security must be considered. However, the existing IoT products have various problems such as security vulnerability. In order to secure the security of IoT products, technical countermeasures as well as policy responses are needed. However, the legislation related to current IoT products has a limit to guarantee safety in IoT environment. In this paper, we analyze the limitations of the current legal system of IoT, and suggests ways to improve it.

A Study on Priority of Certification Criteria for IoT Security Certification Service (IoT 보안인증서비스 인증기준 중요도 우선순위에 관한 연구)

  • Kang, Da-Yeon;Hwang, Jong-Ho
    • The Journal of the Korea Contents Association
    • /
    • v.19 no.7
    • /
    • pp.13-21
    • /
    • 2019
  • Because security of Internet of Things(IoT) products and others is poor, there are many hacking incidents To prevent security threats, it is important for companies to first make products with high security levels and choose products that are safe for users. In response, the Korea Internet & Security Agency is testing the security of IoT products and linked mobile apps to impose ratings. Security certification service is a service that tests IoT products and linked mobile apps to ensure certain levels of security and issues certificates when they meet the criteria. It can induce autonomous security enhancement of IoT products, contribute to strengthening security capabilities of IoT companies in Korea and vitalizing their overseas advancement, and have the expected effect of resolving public anxiety over IoT products. In this study, the criteria for IoT security certification are presented, but the importance priority is sought to be derived for assessment items that need to be strengthened. This will help to provide guidelines that can contribute to strengthening the security capabilities of domestic Internet companies and boosting their overseas advancement.

A Study on Security Requirments Analysis through Security Threat Modeling of Home IoT Appliance (Home IoT 가전의 보안위협모델링을 통한 보안요구사항 분석에 관한 연구)

  • Yun, Suk-Jin;Kim, Jungduk
    • The Journal of Society for e-Business Studies
    • /
    • v.24 no.2
    • /
    • pp.113-124
    • /
    • 2019
  • Today many companies are offering IoT-enabled products and place emphasis on security from the planning stage to protect their products and user information from external threats. The present security levels, however, remain low because the time and resources invested in developing security requirements for each device are far from enough to meet the needs of a wide range of IoT products. Nevertheless, vulnerabilities of IoT devices have been reported continuously, which calls for more detailed security requirements for home IoT devices. In this context, this research identified threats of home IoT systems by using Microsoft Threat Modeling Tool. It then suggested measures to enhance the security of home IoT devices by developing security assessment items through comparative analysis of the identified threats, domestic and global vulnerability assessment standards and related research. It also verified the effectiveness of the developed security requirements by testing them against the existing ones, and the results revealed the security requirements developed in this research proved to be more effective in identifying vulnerabilities.

A Study on IoT Devices Vulnerability and Security (IoT 디바이스 보안위협 및 대응방안 연구)

  • Yoo, Seung Jae
    • Convergence Security Journal
    • /
    • v.21 no.1
    • /
    • pp.9-17
    • /
    • 2021
  • Numerous IoT devices are connected to a wireless network environment to collect and transmit data without time and space limitations, but many security vulnerabilities are exposed in these process. But IoT security is not easy to create feasible security standards and device authentication due to differences in the approach or implementation of devices and networks. However, it is clear that the improvement and application of the standard framework for enhancing the security level of the device is the starting point to help the most successful security effect. In this study, we investigate the confidentiality, integrity, availability, and access control implementation plans for IoT devices (which are the basic goals of information security), and standardized security evaluation criteria for IoT devices, and study ways to improve them.

Risk of Attack through an Open Wireless Network of IoT Devices (IoT 장치의 개방형 무선 네트워크를 통한 공격 위험)

  • Lee, Geonwoo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2019.05a
    • /
    • pp.10-14
    • /
    • 2019
  • The number of security incidents is increasing as the Internet of Things(IoT) is distributed widely. The security incidents of IoT can cause financial damages. Moreover, It can become direct threats to humans. In order to prevent these problems, the security installation for IoT devices is important. This paper describes the definition of IoT devices, security incident case, architecture, and the security threats that can occur when a device is connected to network without security installation.

  • PDF

A Study on the Enterprise security convergence strategy in the IoT(the Internet of Things) Era (IoT시대의 기업 융합보안 전략에 대한 연구)

  • Noh, Jong-ho;Lee, Jong-hyeong;Kwon, Hun-yeong
    • Convergence Security Journal
    • /
    • v.17 no.2
    • /
    • pp.33-39
    • /
    • 2017
  • In the age of full scale IoT, concept of "security convergence" has been popularized widely. However, it is not clear whether current "security convergence" concept reflects IoT characteristics and traits. In this thesis, a new concept, complementing "security convergence" concept researches up to date, has been suggested considering IoT characteristics. Required governance methodology and key technical factors are suggested for re-establishment of "security convergence" concept and for enterprise security strategy development.